需求
sso框架是一个公司通用的组件,会进行登录用户的验证操作,对于不同用户比如运营用户、营销用户来说通用登录验证的功能是一样的,但是他们各自需要进行运营场景校验、营销场景校验,这个时候就需要使用装饰者模式在不破坏原有单点登陆验证功能的前提下对通用的单点登陆进行扩充
通用sso框架
模拟Spring框架HandlerInterceptor,HanderInterceptor:Spring 拦截器,拦截请求和响应的接口,可以在请求处理前preHandle,请求处理后视图渲染之前postHandle,请求完成后afterCompletion新增业务功能
public interface HandlerInterceptor {
boolean preHandle(String request, String response, Object handler);
}
sso单点登陆校验
public class SsoInterceptor implements HandlerInterceptor{
public boolean preHandle(String request, String response, Object handler) {
// 模拟获取cookie
String ticket = request.substring(1, 8);
// 模拟校验
return ticket.equals("success");
}
}
普通实现
继承单点登陆类,重写校验方法,校验方法中扩充营销或运营业务校验功能
public class LoginSsoDecorator extends SsoInterceptor {
private static Map<String, String> authMap = new ConcurrentHashMap<String, String>();
static {
authMap.put("huahua", "queryUserInfo");
authMap.put("doudou", "queryUserInfo");
}
@Override
public boolean preHandle(String request, String response, Object handler) {
// 模拟获取cookie
String ticket = request.substring(1, 8);
// 模拟校验
boolean success = ticket.equals("success");
if (!success) return false;
String userId = request.substring(8);
String method = authMap.get(userId);
// 模拟方法校验
return "queryUserInfo".equals(method);
}
}
单元测试
public class ApiTest {
@Test
public void test_LoginSsoDecorator() {
LoginSsoDecorator ssoDecorator = new LoginSsoDecorator();
String request = "1successhuahua";
boolean success = ssoDecorator.preHandle(request, "ewcdqwt40liuiu", "t");
System.out.println("登录校验:" + request + (success ? " 放行" : " 拦截"));
}
}
装饰者模式重构
新建抽象类SsoDecorator实现HandlerInterceptor接口,并引入HandlerInterceptor类型的属性,创建HandlerInterceptor类型参数的构造方法,实现HandlerInterceptor接口的preHandle()方法在方法内部使用HandlerInterceptor.preHandle()去调用,新建LoginSsoDecorator继承SsoDecorator实现preHandle()方法,在preHandle()方法内部使用super.preHandle()调用后做逻辑扩展,ApiTest中创建LoginSsoDecorator(new SsoInterceptor())对象调用LoginSsoDecorator类的preHandle()方法,LoginSsoDecorator类的preHandle()方法使用super.preHandle()调用SsoDecorator的preHandle()方法,SsoDecorator的preHandle()方法使用HandlerInterceptor接口的preHandle()方法去执行,此时HandlerInterceptor的实际类型是SsoInterceptor,所以会去执行通过sso单点登陆的校验,校验完之后在执行LoginSsoDecorator的逻辑扩展。
SsoDecorator
public abstract class SsoDecorator implements HandlerInterceptor{
private HandlerInterceptor handlerInterceptor;
private SsoDecorator(){}
public SsoDecorator(HandlerInterceptor handlerInterceptor) {
this.handlerInterceptor = handlerInterceptor;
}
public boolean preHandle(String request, String response, Object handler) {
return handlerInterceptor.preHandle(request, response, handler);
}
}
LoginSsoDecorator
public class LoginSsoDecorator extends SsoDecorator {
private Logger logger = LoggerFactory.getLogger(LoginSsoDecorator.class);
private static Map<String, String> authMap = new ConcurrentHashMap<String, String>();
static {
authMap.put("huahua", "queryUserInfo");
authMap.put("doudou", "queryUserInfo");
}
public LoginSsoDecorator(HandlerInterceptor handlerInterceptor) {
super(handlerInterceptor);
}
@Override
public boolean preHandle(String request, String response, Object handler) {
boolean success = super.preHandle(request, response, handler);
if (!success) return false;
String userId = request.substring(8);
String method = authMap.get(userId);
logger.info("模拟单点登录方法访问拦截校验:{} {}", userId, method);
// 模拟方法校验
return "queryUserInfo".equals(method);
}
}
单元测试
public class ApiTest {
@Test
public void test_LoginSsoDecorator() {
LoginSsoDecorator ssoDecorator = new LoginSsoDecorator(new SsoInterceptor());
String request = "1successhuahua";
boolean success = ssoDecorator.preHandle(request, "ewcdqwt40liuiu", "t");
System.out.println("登录校验:" + request + (success ? " 放行" : " 拦截"));
}
}
总结
抽象类和通用单点登陆类实现共同接口,并引入接口类型属性并使用构造方法来给接口类型属性设值,最后通过接口类型属性调用通用单点登陆校验方法。装饰器实现效果:LoginSsoDecorator ssoDecorator = new LoginSsoDecorator(new SsoInterceptor());